villebro commented on issue #28021: URL: https://github.com/apache/superset/issues/28021#issuecomment-2061711417
> > GPT did a decent first pass at merging both, @villebro @michael-s-molina feel free to take it form here, though I feel like we should meet again soon > > The merging is great @mistercrunch! I also think we should sync again. Maybe even a weekly meeting until we have everything figured out. Agreed, a weekly for now would make sense, as this effort will likely otherwise stall due to to its complexity. > > I would prefer to keep the fine-grained access control SIP separate from the proposed SIP for a federated security model. This to make sure we can let interested parties review both SIPs in isolation, without having to fully grasp both. > > @villebro I think it's important to analyze all the requirements together, think about all uses cases, and then start with a simple implementation. When we design the API, the hierarchy of resources, the types of actions we'll support, how we are going to store this information, we need to be able to test our design against all requirements to make sure the consolidated policy manager will work. That being said, we can definitely discuss splitting the SIPs in our next meeting if it's beneficial for reviewers. I agree, for the implementation of the new security system, they do need to be assessed together. However, I feel it's important to give room to discuss this new direction of fine-grained entity-level access controls from a pure usability and governance perspective, as many people will likely not be interested, or have the expertise, to go deep into the new security policy proposal. @rusackas @mistercrunch @michael-s-molina would on of you be able to setup a weekly sync for this? I would otherwise, but I don't have a Zoom account to attach to it. The same time slot we had last time should usually work for me, except next Monday, when I could join at 11:30 am PST. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
